Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Pi941BYewlyGvn2QrUEkwTBRz80.roa
File: Pi941BYewlyGvn2QrUEkwTBRz80.roa (raw, json)
Hash identifier: g7vdRAQssv9vz9KM3AUk3f59QLwDB+iKEWxSQB0sQ5U=
Subject key identifier: 3E:2F:78:D4:16:1E:C2:5C:86:BE:7D:90:AD:41:24:C1:30:51:CF:CD
Certificate issuer: /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial: 01849BA16412DC098BE66A852C409D73F38F
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Pi941BYewlyGvn2QrUEkwTBRz80.roa
Signing time: Mon 21 Nov 2022 19:19:15 +0000
ROA not before: Mon 21 Nov 2022 19:19:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 185.155.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:a1:64:12:dc:09:8b:e6:6a:85:2c:40:9d:73:f3:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Validity
Not Before: Nov 21 19:19:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e2f78d4161ec25c86be7d90ad4124c13051cfcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a0:54:c4:32:6b:e5:d2:8b:66:ab:5e:d7:f5:
46:d3:ed:d3:a9:45:8d:5b:e7:08:b1:ed:31:b1:15:
0a:d4:5c:3d:70:03:8f:67:49:a0:9d:e7:4a:52:63:
9f:13:e7:be:94:3e:1c:a9:bb:2c:33:ad:c0:f7:4d:
80:93:fa:46:b0:a8:00:f4:6e:68:a7:e6:cf:0f:79:
65:fb:77:c0:04:3d:8f:92:ae:f5:dc:6a:7c:2c:ea:
94:2f:45:59:b4:47:82:08:7d:94:46:3b:17:36:e0:
20:14:82:4c:c0:26:47:8e:fd:a5:75:0c:2a:70:e2:
58:b9:9f:11:e7:f6:52:84:a9:bf:53:44:50:2e:af:
ed:3e:f3:97:9c:19:5c:a1:ad:d8:ef:8e:2c:45:4f:
ae:ba:23:46:9a:26:4d:9c:7e:69:ba:e9:ea:8c:36:
f7:08:bd:7c:eb:9c:25:33:d6:99:1f:0e:a0:c0:9c:
b1:70:26:3d:74:30:65:d2:df:77:4b:0b:18:45:f2:
c9:27:73:b0:7f:28:5a:75:af:b5:89:bb:53:dd:73:
3a:a8:22:dd:cd:20:de:d3:43:39:79:80:f3:4e:1b:
f0:7f:85:9f:8d:2a:b8:0e:c7:d5:9e:3c:3d:29:38:
cf:1b:08:49:82:90:ba:14:b0:7c:2a:fe:77:5b:3a:
f6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2F:78:D4:16:1E:C2:5C:86:BE:7D:90:AD:41:24:C1:30:51:CF:CD
X509v3 Authority Key Identifier:
keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Pi941BYewlyGvn2QrUEkwTBRz80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:d8:9e:dc:e6:35:a5:00:e2:87:28:25:d2:8c:74:c0:ed:11:
1a:70:8d:c4:30:ad:70:fe:1a:25:d9:bd:fe:5d:af:f8:f4:cd:
c9:c5:f7:32:86:6b:71:40:11:79:27:77:ce:37:3c:2b:24:3b:
cb:8b:f3:0d:46:33:ac:0c:45:11:0d:92:97:83:7c:1a:81:48:
03:7e:e2:57:30:ec:31:52:6f:ad:aa:94:f7:8a:fa:f7:b2:30:
62:7b:71:8e:9b:7a:6e:e8:87:f3:f0:cc:ee:99:4c:a6:5f:22:
40:3c:18:54:2b:45:c8:d1:fe:78:d7:17:00:02:84:1f:c3:12:
93:15:74:56:97:e0:84:f8:85:99:d3:7d:e8:5d:3a:f5:5e:e2:
1e:73:8d:89:00:28:b1:a1:ea:0c:a5:ac:41:98:ba:12:c4:93:
93:a4:1f:ca:22:a8:23:6e:fc:b5:e2:4c:e7:03:69:2d:2a:cd:
4c:1a:47:23:29:df:4d:e0:88:12:96:38:be:30:53:fd:54:65:
4c:e2:05:9d:61:d4:14:2c:83:c4:85:ac:fb:7b:79:05:fa:95:
3c:84:80:98:18:6c:e5:00:5a:61:e4:da:b6:a0:d4:41:f9:cf:
6d:10:55:f1:53:ad:80:0d:32:9a:f7:1f:5c:02:19:a6:4d:52:
fc:62:2e:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSboWQS3AmL5mqFLECdc/OPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjIxMTIxMTkxOTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTJmNzhkNDE2MWVjMjVjODZiZTdkOTBhZDQxMjRjMTMwNTFjZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6BUxDJr5dKLZqte1/VG0+3TqUWN
W+cIse0xsRUK1Fw9cAOPZ0mgnedKUmOfE+e+lD4cqbssM63A902Ak/pGsKgA9G5o
p+bPD3ll+3fABD2Pkq713Gp8LOqUL0VZtEeCCH2URjsXNuAgFIJMwCZHjv2ldQwq
cOJYuZ8R5/ZShKm/U0RQLq/tPvOXnBlcoa3Y744sRU+uuiNGmiZNnH5puunqjDb3
CL1865wlM9aZHw6gwJyxcCY9dDBl0t93SwsYRfLJJ3Owfyhada+1ibtT3XM6qCLd
zSDe00M5eYDzThvwf4WfjSq4DsfVnjw9KTjPGwhJgpC6FLB8Kv53Wzr2ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4veNQWHsJchr59kK1BJMEwUc/NMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvUGk5NDFCWWV3bHlHdm4yUXJVRWt3VEJSejgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvqMA0G
CSqGSIb3DQEBCwUAA4IBAQCz2J7c5jWlAOKHKCXSjHTA7REacI3EMK1w/hol2b3+
Xa/49M3JxfcyhmtxQBF5J3fONzwrJDvLi/MNRjOsDEURDZKXg3wagUgDfuJXMOwx
Um+tqpT3ivr3sjBie3GOm3pu6Ifz8MzumUymXyJAPBhUK0XI0f541xcAAoQfwxKT
FXRWl+CE+IWZ033oXTr1XuIec42JACixoeoMpaxBmLoSxJOTpB/KIqgjbvy14kzn
A2ktKs1MGkcjKd9N4IgSlji+MFP9VGVM4gWdYdQULIPEhaz7e3kF+pU8hICYGGzl
AFph5Nq2oNRB+c9tEFXxU62ADTKa9x9cAhmmTVL8Yi4T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org